hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-12 18:44:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,439 Commits 1,740 Branches 164 Tags
codeql-cli/v2.25.0
Commit Graph

86439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Mansel-Chan
a3de138ec2 Merge pull request #18511 from owen-mc/go/docs/data-flow 
Update documentation on data flow in Go (and some small fixes for java)
 2025-02-03 11:11:04 +00:00
Calum Grant
ed3ad1a226 Merge pull request #18613 from github/calumgrant/bmn/wrong-type-format-arg-linkage 
C++: Remove FPs in cpp/wrong-type-format-argument caused by no linker awareness
 2025-02-03 10:39:32 +00:00
Asger F
fc1d36f867 Rust: update a Rust test case 2025-02-03 11:31:04 +01:00
Asger F
78a7f2670a JS: Update a JS test case 2025-02-03 11:31:03 +01:00
Asger F
28472ae12f Test: Don't expect 'Source' tag when source and alert are on same line 
Previously the Source tag was required if the source and alert did not
have the exact same location. This relaxes the restriction to being on
the same line.

Note that in order to be "on the same line" both start and end lines
have to match.

It's still possible for a given line to expect both Alert and Source
tags, in case the source pairs up with another alert on a different
line.
 2025-02-03 11:31:02 +01:00
Jeroen Ketema
25d8f0e161 Merge branch 'main' into calumgrant/bmn/wrong-type-format-arg-linkage 2025-02-03 11:23:27 +01:00
Calum Grant
6e3a169544 C++: Add change note 2025-02-03 09:48:06 +00:00
Tom Hvitved
1066b880aa Merge pull request #18644 from hvitved/rust/fix-bad-join 
Rust: Fix a bad join
 2025-02-03 10:16:09 +01:00
Tom Hvitved
3d3b785400 Rust: Remove redundant infix casts 2025-02-03 09:12:09 +01:00
Tom Hvitved
e78b79fa45 Update misc/codegen/lib/ql.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-02-03 09:11:13 +01:00
Tom Hvitved
55ac9ae021 Swift: Run codegen 2025-02-03 09:11:11 +01:00
Tom Hvitved
ebe2084507 Rust: Run codegen 2025-02-03 09:11:10 +01:00
Tom Hvitved
ec33457ad4 Codegen: Improve return type of self-typed properties 2025-02-03 09:11:09 +01:00
Simon Friis Vindum
0a9b864738 Rust: Fix model generation test 2025-02-03 09:06:07 +01:00
Ed Minnix
414c0a646a Fix test results 2025-01-31 12:52:48 -05:00
Ed Minnix
aaefa0f82a Add remote flow source test 2025-01-31 11:32:13 -05:00
fabienpe
a9f107ce06 Added missing "GOOD" and "BAD" to some examples 2025-01-31 15:47:25 +00:00
Tom Hvitved
cd1ff6a176 Rust: Fix a bad join 
Before
```
[2025-01-31 14:40:10] Evaluated non-recursive predicate SsaImpl::capturedCallRead/4#1f9b0af4@6f60dcog in 10553ms (size: 372366).
Evaluated relational algebra for predicate SsaImpl::capturedCallRead/4#1f9b0af4@6f60dcog with tuple counts:
        1992868487   ~4%    {6} r1 = JOIN `_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#shared` WITH `SsaImpl::variableWriteInOuterScope/4#aca2ef34` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1, Rhs.2, Rhs.3
                            {6}    | REWRITE WITH TEST InOut.3 < InOut.2
         998449075   ~0%    {5}    | SCAN OUTPUT In.4, In.5, In.0, In.1, In.2

          12205909   ~1%    {4} r2 = JOIN `_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#shared` WITH `boundedFastTC:BasicBlocks::BasicBlock.getAPredecessor/0#dispred#268ed41b:_BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::get__#higher_order_body` ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.0, Lhs.2
          34440992   ~9%    {5}    | JOIN WITH `project#SsaImpl::variableWriteInOuterScope/4#aca2ef34` ON FIRST 1 OUTPUT Rhs.1, Rhs.2, Lhs.1, Lhs.2, Lhs.3

        1032890067   ~0%    {5} r3 = r1 UNION r2
            680217  ~74%    {4}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.3, Lhs.4, Lhs.0
                            return r3
```

After
```
[2025-01-31 14:43:05] Evaluated non-recursive predicate SsaImpl::capturedCallRead/4#1f9b0af4@15fdf34h in 74ms (size: 373835).
Evaluated relational algebra for predicate SsaImpl::capturedCallRead/4#1f9b0af4@15fdf34h with tuple counts:
        1106129   ~0%    {3} r1 = SCAN `project#SsaImpl::variableWriteInOuterScope/4#aca2ef34` OUTPUT In.1, In.2, In.0
          25209  ~20%    {2}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.0
         339364   ~6%    {2}    | JOIN WITH `boundedFastTC:BasicBlocks::BasicBlock.getAPredecessor/0#dispred#268ed41b_10#higher_order_body:_SsaImpl::hasCapturedRead/2#847e9f91_project#SsaImpl::variableWriteInOuterScope/4#aca2ef34#higher_order_body` ON FIRST 1 OUTPUT Rhs.1, Lhs.1
        2095088   ~0%    {4}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 1 OUTPUT Lhs.0, Rhs.1, Rhs.2, Lhs.1

        1121531   ~0%    {4} r2 = SCAN `SsaImpl::variableWriteInOuterScope/4#aca2ef34` OUTPUT In.2, In.3, In.0, In.1
          25820  ~22%    {3}    | JOIN WITH `SsaImpl::hasCapturedRead/2#847e9f91` ON FIRST 2 OUTPUT Lhs.2, Lhs.0, Lhs.3
         505208   ~1%    {5}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 1 OUTPUT Lhs.1, Lhs.0, Lhs.2, Rhs.1, Rhs.2
                         {5}    | REWRITE WITH TEST InOut.2 < InOut.3
         344294   ~6%    {4}    | SCAN OUTPUT In.1, In.3, In.4, In.0

        2439382   ~0%    {4} r3 = r1 UNION r2
        2434485   ~7%    {4}    | JOIN WITH `BasicBlock::Make<Locations::Location,BasicBlocks::BasicBlocksImpl::BasicBlockInputSig>::Cached::getNode/2#4226f9fe` ON FIRST 3 OUTPUT Lhs.2, Lhs.3, Lhs.0, Lhs.1
        2393182   ~3%    {4}    | JOIN WITH ControlFlowGraphImpl::CfgImpl::Cached::TAstNode#8f9a3aff_31#join_rhs ON FIRST 1 OUTPUT Rhs.1, Lhs.1, Lhs.2, Lhs.3
         380879   ~0%    {4}    | JOIN WITH `SsaImpl::isControlFlowJump/1#c535656e` ON FIRST 1 OUTPUT Lhs.0, Lhs.2, Lhs.3, Lhs.1
                         return r3
```
 2025-01-31 14:45:36 +01:00
Tom Hvitved
d56bf657b9 Rust: Use PathResolution module in data flow 2025-01-31 13:29:15 +01:00
Tom Hvitved
180782d863 Merge pull request #18579 from hvitved/rust/path-resolution 
Rust: Implement path resolution in QL
 2025-01-31 13:22:21 +01:00
Arthur Baars
384c040679 Merge pull request #18641 from github/aibaars/bazel-rust-opt 
Rust: build optimized code
 2025-01-31 12:37:19 +01:00
Jonas Jensen
7ad6f13bf5 Java: adjust CommandLineQuery locations 
It turns out these locations need to be precise.
 2025-01-31 11:37:16 +01:00
Michael Nebel
42d65f9c7c C#: Add change-note. 2025-01-31 10:37:05 +01:00
Michael Nebel
e863bf5f24 C#: Update TaintTrackingPath test expected output. 2025-01-31 10:37:04 +01:00
Michael Nebel
79fc735c93 C#: Update flow summaries expected file. 2025-01-31 10:37:02 +01:00
Michael Nebel
2cd2d3fe1a C#: Add some manual models for params ReadOnlySpan overloads of common library methods. 2025-01-31 10:37:00 +01:00
Michael Nebel
ecb2e61d7a C#: Update flow summaries test expected output. 2025-01-31 10:36:59 +01:00
Michael Nebel
8781d6762c C#: Update test options files to point to the new stubs. 2025-01-31 10:36:57 +01:00
Michael Nebel
82a193705c C#: Update stubs for other nuget packages and manually cleanup some of the project referenes. 2025-01-31 10:36:56 +01:00
Arthur Baars
4e3c23b68e Rust: build optimized code 2025-01-31 10:12:41 +01:00
Tom Hvitved
1cb524f76f Rust: Remove useTreeIsGlobImport workaround 2025-01-31 10:10:58 +01:00
Tom Hvitved
9d06f80902 Rust: Elaborate QL doc on PathResolution.qll 2025-01-31 10:10:57 +01:00
Tom Hvitved
8eb5792f3b Address review comments 2025-01-31 10:10:55 +01:00
Tom Hvitved
1f6d39f520 Rust: Rename modules test to path-resolution 2025-01-31 10:07:10 +01:00
Tom Hvitved
0aee2e6fb2 Rust: Implement path resolution in QL 2025-01-31 10:07:08 +01:00
Michael Nebel
c7f5de851c C#: Update .NET and ASP.NET framework stubs. 2025-01-31 10:02:40 +01:00
Michael Nebel
8d2ac484b2 C#: Update make_stubs_all to pin ServicePack version number and add some more packages (that previously were transitive dependencies). 2025-01-31 10:02:38 +01:00
Asger F
a0af4c9a84 Merge pull request #18622 from asgerf/js/typescript-tsconfig-names 
JS: Treat more file patterns as tsconfig-like files
 2025-01-31 09:42:50 +01:00
Asger F
a45da05086 Merge pull request #18623 from asgerf/js/nest-di 
JS: Add support for dependency injection in Nest
 2025-01-31 09:42:41 +01:00
Ed Minnix
6ae7edeae0 Add Blazor components file to Remote sources module 2025-01-30 23:07:15 -05:00
Ed Minnix
8bae79d9ce Components file 2025-01-30 23:07:03 -05:00
Asger F
2e65fe9597 JS: Change note 2025-01-30 20:46:30 +01:00
Asger F
d23c198072 JS: Change note 2025-01-30 20:41:20 +01:00
Mathias Vorreiter Pedersen
f35fea3bee Merge pull request #18629 from MathiasVP/fix-more-fps-in-buffer-overflow 
C++: Fix more FPs in `cpp/overflow-buffer`
 2025-01-30 18:28:10 +00:00
Mathias Vorreiter Pedersen
02cf458232 C++: Add change note. 2025-01-30 16:50:22 +00:00
Mathias Vorreiter Pedersen
764a84601f Update cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-30 16:09:44 +00:00
Jeroen Ketema
0a8b76c46b Merge pull request #18637 from jketema/forgotten 
C++: Update expected test results
 2025-01-30 17:01:21 +01:00
Jeroen Ketema
94608c5996 C++: Update expected test results 
This seemed to have slipped through earlier.
 2025-01-30 16:53:24 +01:00
Mathias Vorreiter Pedersen
839640a82f Update cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll 
Co-authored-by: Jeroen Ketema <93738568+jketema@users.noreply.github.com>
 2025-01-30 15:31:36 +00:00
Jami Cogswell
0071e1acc2 Java: resolve merge conflict 
remove import no longer needed since contents of MyBatisMapperXML.qll have been moved to MyBatis.qll
 2025-01-30 10:19:21 -05:00